Imprivata offers digital security solutions for healthcare organizations. For more information, see

Menu path: Sessions > Appliance Mode > Imprivata

Set the URL to the server

URL address of the single sign-on server.

Path to the appliance

Path to the application on the single sign-on server. (Default: sso/servlet/getembeddedloader?arch=amd64)

Enable component's logging

☑  Log files will be generated. You will need them if support is required in the future.

Redirection of smartcards

☑  A smartcard will be redirected into a session.

PIE application launcher for Citrix

☑  Enables the grid theme for organizing Citrix apps.

The following setting is active if Enable component's logging is enabled:

Component's logging verbosity

Specifies the level of detail for the log files.
Possible options:

  • "debug": Detailed information on the flow through the system.
  • "info": Runtime events (startup/shutdown). 
  • "warning": Events that may lead to unexpected behavior.
  • "error": Other errors or unexpected conditions.
  • "critical": Events that may break the workflow. 

Path to certificate

Absolute path to the certificate your Imprivata Appliance or Certification Authority issued. (Default: /wfs/ca-certs/ssoCA.cer)


If you rename the certificate or decide to store it in a different place, you have to adjust the path accordingly under Sessions > Appliance Mode > Imprivata > Path to Certificate.
Best practice is to change it directly through the profile which also issued the firmware update. 

Fast User Switching

FUS user

The username for the preconfigured session.
Possible options:

  • Hostname: The hostname of the endpoint device will be used as a username.
  • MAC address: The MAC address of the device will be used as a username.
  • Serial of the board: The serial number of the device will be used as a username.
  • Free text entry

FUS user's domain

The domain the user belongs to.

FUS user's password

The password of the user running the preconfigured session.

Citrix Store URL

URL of the StoreFront website or of XenApp Services.

FUS resource

The resource, like the Desktop or Application, that is assigned to the username.

Single Application Kiosk

The Imprivata PIE agent will be signaled that the FUS resource is an application.

Enable on-screen keyboard

☑ If a touchscreen is used, the on-screen keyboard is enabled.

The following settings are active if Enable on-screen keyboard is activated:

x coordinate of on-screen keyboard

Specifies the X position of the on-screen keyboard in pixels. (Default: 2)

y coordinate of on-screen keyboard

Specifies the Y position of the on-screen keyboard in pixels. (Default: 2)

Width of on-screen keyboard in pixels

It is recommended that you specify either the width or the height. (Default: 900)

Height of on-screen keyboard in pixels

It is recommended that you specify either the width or the height. (Default: 0)

If you need to modify and adjust the sessions, see Imprivata: Session Customization.

Imprivata automatically creates a data partition, i.e. storage location for internal data.
If you are asked by your support to delete the data partition or you want to delete it for other reasons, see Imprivata: Clear the Imprivata Data Partition.

Useful Registry Keys

  • If you need to set a default AD domain for PIE agent, go to System > Registry > imprivata.default_domain and specify the NetBIOS name of your AD domain.
  • If you need to ignore the VMware protocol selected by the Imprivata appliance, activate System > Registry > imprivata.ignore_horizon_protocol. In this case, the local selection under Horizon Client > Horizon Client Global > Server Options > Preferred desktop protocol will be used.
  • To avoid focus theft from other windows, activate System > Registry > imprivata.avoid_focus_ownership.